On Thu, 2010-03-04 at 15:41 -0600, Ron Johnson wrote:
> On 2010-03-04 15:13, Karsten Bräckelmann wrote:
> > On a related note, the plain whitelist_from without a rcvd or auth
> > constraint is dangerous to use. If possible, always use the constraint
> > ones, and the plain one strictly as a fall-back if there is no other
> > possibility -- and you really need the whitelist. In almost all cases,
> > you don't, and the real problem (if any) goes by unnoticed.
>
> Right. I wanted to get the "simple stuff" working first; then the
> more complicated configurations.
> > How is SA called?
>
> (Lines manually "continued" for easy reading.)
>
> # grep spam /etc/postfix/master.cf
> smtp inet n - n - - \
> smtpd -o content_filter=spamfilter:
> spamfilter unix - n n - - pipe flags=Rq user=spamfilter \
> argv=/usr/local/bin/spamfilter.sh \
> -f ${sender} -- ${recipient}
>
> > Are you using per-user configuration?
>
> I think so. But that "user=spamfilter" makes me now think
> otherwise.
Hardly a postfix expert here, but I believe you are doing your spam
filtering as the user spamfilter. Site-wide configuration, not per-user.
The $HOME used is the one of spamfilter.
Someone correct me, if I'm wrong. :)
> I set this up years ago, and only now care about whitelisting.
I'd suggest to do it right from the beginning. That is, exclusively use
the constraint rcvd or auth whitelisting variants. Also, is there any
valid reason you need this to be per-user? As opposed to maintain a
clean whitelisting site-wide anyway.
Also, as I previously hinted -- a *need* for whitelisting often is
caused by some mis-configuration or training. Whitelisting is very
rarely necessary. Do you really need it?
guenther
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
